04-28-20 | Blog Post
Deploying Disaster Recovery or Disaster Recovery as a service on a per workload basis would be a fairly straight forward topic if only reviewing the technical aspects of implementation. It’s not that simple if you seek to balance impact, survivability, and costs. An analysis of the value of each workload and its overall impact on the business, in the event of disruption or loss, is a critical precursor to determining the level of disaster recovery required.
The process to determine value and protection requirements are typically part of a Business Impact Analysis (BIA) a company-wide plan for operational continuity and resilience. PWC has provided interesting insights regarding companies that have mature cyber strategies and are most resilient to threats, referring to them as having a “higher Resilience Quotient (RQ).” High-RQ companies, and the executives that lead them, “no longer use a traditional disaster recovery/business continuity model. Instead, they focus on resilience by design.” Resilience by design defines processes and data in terms of priority to the business and designates real time policies and protections to minimize harm and reduce risk. Out of 3500 businesses surveyed, the high-RQ respondents are 73% confident they can manage today’s new risks that will test their business resilience. The core of this business resilience effort is essentially determining the value of each process and workload and assigning the corresponding level of protection required to make it survivable.
The variety of data and applications considered business critical are generally recognized within the individual organization, but the applications, data and IT platforms which drive business critical must be protected as fully survivable too. For banking, the transactional interface to the customer is considered business critical, for airlines it’s reservations, but what about the ERP and CRM that provide and modify the customer data or the exchange services that allow the business to respond to a customer need? Protection of essential workloads begins at the business level. The requirements to deliver the essential customer experience, maintain a supply chain, or power a communications network depend upon technology and data at the back-end. Effectively backing up those technologies and data is the key to business continuity.
Two basic definitions; Recovery Time Objective (RTO) defines the maximum allowable downtime for an application or process. Recovery Point Objective (RPO) defines the maximum allowable data loss an application or process can undergo. (e.g. time between backups.) Both of these objectives measure recovery vs potential for damage to the business. Typically for Disaster Recovery services, the shorter the time interval required to achieve the designated RTO and/or RPO, the higher the cost. In order of ascending costs, the levels of available Disaster Recovery are best defined as:
In summary, if a process is followed to establish a business value per workload, then the appropriate level of Disaster Recovery can be selected while still delivering the best economic value.
Disaster Recovery, RTO/RPO, and business continuity are complex issues. A disaster can have real impact on a business and cause a significant loss of revenue or even force a business to close if they don’t have a proper, working DR plan. That’s why it’s never been more important to have a recovery plan tested and in place. If you’re ready to put your organization, large or small, into a high state of IT resiliency, we can help! Otava’s disaster recovery as a service, powered by Zerto, helps you stay up and running in the face of cyber-attacks, natural disasters and system failures. Together, we got this!
Disaster Recovery Lessons We All Can Learn
Thanks to the cloud, disaster recovery has evolved from a complex beast that was difficult and expensive to manage into something a little simpler and tamer to handle. Does that mean DR is something where we “set it and forget it”?……
Disaster Recovery and Business Continuity in the remote workforce environment
In the decades-long evolution of the remote worker, policy, data protection, security and compliance all kept pace with the rollout of users and applications. Today, there is a new and onerous dimension added to this evolution……
3 IT New Year’s Resolutions to Keep in 2020
Every year it seems like we make grand plans for change and then never follow through with them. Here are some resolutions worth keeping in 2020….